What small- to medium-size company isn’t struggling with providing network services to remote offices and users? That certainly has been the case here at TechRepublic.

In this installment of From the Trenches, we’ll look at how our IT director, Troy Atwood, senior network administrator David Hoffman, and network administrator Mike Laun tackled several thorny issues using the Web-enabled Terminal Services package that comes with Microsoft’s Windows 2000 Server and Advanced Server.

Here’s what they’ve been doing to take advantage of Terminal Services at TechRepublic. Atwood, Hoffman, and Laun set up services to:

  • Remotely administer a number of servers.
  • Allow contractors remote access to a limited number of applications.
  • Allow remote offices to offload application-intensive services to the company’s servers.

As you’ll see, the Web-based attributes in Terminal Services allow for two major functionalities—server administration and application serving.

The best thing about this is that Terminal Services is now a part of the Windows 2000 Server packages, whereas before Win2K, you had to pay extra for less functionality.

A virtual visit to the glass room
In the old days, there were great big mainframe computers sitting in chilly glass rooms in huge corporations. Today, there are still chilly glass rooms, but more of them are filled with multiple racks of servers—and many are located in small- to medium-size businesses. TechRepublic is one of them. In our glass room, we have more than 50 servers humming away and providing the electronic nerve center for our business.

If you’ve ever had to administer some of these servers in one of these chilly rooms, you’d appreciate the ability to accomplish administration from the confines of your cozy office.

“With Windows 2000, we can just Terminal Server into any server and do what we need to do,” Hoffman said. He described the Terminal Services Web interface as pretty much like the straight Terminal Services client and said it’s his preferred method of accessing the servers.

With the Web client, administrators see the desktop interface of the server just as they’d see it from a monitor connected to the server, and it offers nearly all the functionality they’d have if they were actually sitting in front of the machine.

“It basically eliminated our need for pcAnywhere. There are very few things we need pcAnywhere for anymore,” Laun said.

While Laun appreciates the ability to hit and control the servers from any location, Hoffman likes the Web interface for navigation simplicities. He made a Web page that lists all the company’s servers with hyperlinks to their Terminal Service logon pages. The Terminal Server Admin Page Hoffman wrote is also linked to from the intranet support page.

When Hoffman needs to update a driver or piece of software on any of the servers, he likes to use Terminal Services to log on to the server and then, using that server’s Internet Explorer and network connection, download the update directly to the server that needs it.

In fact, Hoffman has a Web page that divides the screen into four panels, and he can have a different server desktop in each one. This allows him to do more things at once and actually see, in real time, files being copied from one server to another. As the four panels are on one Web page, he can open as many four-paneled Web pages as he needs and log on to all the servers he needs to work on.

“The one disadvantage to Terminal Services is that you never get on the actual console of the server. If there’s an error message on the console, you’ll never see it,” Atwood said. “We have a workaround for that. On all of our Compaq servers, we have a Remote Lights-out Insight Board. They call it a RIB.

“All your functions—video, keyboard, and mouse—go through that card, which has separate processor, separate power supply, and separate network connection. So you connect via Web browser to that card and you can actually see the console on that card. With most of our servers, you can actually shut that server down, power it off, and power it back on.”

Hoffman is in the process of adding the RIB links to his Terminal Server Admin Page to make those easier to access as well.

A thin client portal to fat client functionality
While keeping network administrators warm and happy may be reason enough to enable Terminal Services on Windows 2000 Server, remote users dealing with data-intensive programs can feel the real power of Web-enabled services.

One of the first uses for the applications server functionality of Terminal Services at TechRepublic was with our customer relationship management (CRM) software that tracks and automates e-mail responses to our members.

TechRepublic has 10 to 15 contractors in New York utilizing our mail servers in Louisville, KY, to work on the CRM software.

“When they first did that, we were having them VPN into our network and we had to give them the fat client,” Atwood said. VPN gave the contractors more access to the network than Atwood really felt comfortable sharing, and performance of the fat client over the Internet was less than anyone desired.

“So when we could, we brought up the Terminal Server and put the fat client on there. The contractors come in through port 443 [the secure SSL port] through a Web browser,” Atwood said. “We don’t have to worry about what OS they’re running or what their system is on. As long as they have Internet Explorer 5.5 set up, they come in, they get a terminal session, and they can run the application.”

With the fat client for the CRM software now on the server, all the CPU activity happens there. The contractors essentially have a thin client through their browser window. All that’s going across the Internet are screen pictures. Contractors end up with much better functionality.

Hoffman said that he created a Windows NT system policy (from the domain controller) that runs against the contractor’s account and limits what they can do and what applications are available.

Another use for the applications server in Terminal Services is for TechRepublic’s financial transactions at remote offices.

“They only had fat clients, and it was so data-intensive that over a T1, it was ludicrous. So giving them a terminal session, all they’re getting is screen paints through a Web browser and then all the horsepower is left on the server,” Atwood said.

Tending to Terminal tasks
If this sounds pretty good to you, there are a few things you should know about Terminal Services.

The first is that to get the Web-based functionality on your server, you’ll have to install Internet Information Server (IIS). The second issue involves installing Terminal Services itself. Like IIS, Terminal Services is not part of the default install on Windows 2000 Server, so you will have to select it during the install for all the servers you will use it on. You can add Terminal Services if you’ve already done the Win2K Server install.

During installation of Terminal Services, the Terminal Services Configuration and Terminal Services Licensing Manager applets are installed as well. If all you are going to do is administer your servers via Terminal Services, the Licensing Manager is not going to be an issue with you. However, if you’re going to use the application server functions of Terminal Services, you’ll need to purchase a number of Terminal Service CALs (client access licenses) from Microsoft for all the non-Windows 2000 Pro clients. Windows 2000 Pro has its own CAL that includes its use with Terminal Services.

Two other tasks of note:

  • You must be in the install mode on an application server to add or remove programs. You can do this with the Add/Remove Programs applet in Control Panel or from the command line.
  • Adding Log Off to the Start menu of the remote machine will prevent you from accidentally shutting down a remote server. You do this by right-clicking the Taskbar, choosing Properties, clicking on the Advanced tab, and selecting the Display Log Off check box.

Fun things to do
If you have the time to do it, you can use Terminal Services to provide a Web-based interface to employees at home or on the road that looks and functions just like the PCs on the desk in their office, according to Atwood.

“It looks just like a workstation, with the Start button and everything. Their only options would be to disconnect and log off,” Hoffman said.

That begs an obvious question: What’s the difference between disconnecting and logging off?

“The difference is that if you choose a disconnect, it actually kicks off your client, but you can go back later and log on with the same user name and password, and you’ll have the same desktop,” Laun said. If you were in the middle of a Word document, you’d return to find the document just like you left it. “But if you do a logoff, it’s like a normal logoff that shuts down all your apps and takes you out.”

Are you thinking about the possibilities?

If you aren’t using Web-based Terminal Services now, we bet you are thinking of ways you can use it. And if you are already using it, how about sharing some of the ways you’ve found it helpful in your organization. Send us a note or post a comment in the discussion below.